What is TrustiPhication?
TrustiPhication is the process by which trustworthy processes and capabilities are incorporated into a product or solution. The (kind of) clever name was created to pique your curiosity, but the concept is actually extremely powerful and surprisingly underutilized. Far too many connected devices today lack the capabilities and the surrounding infrastructure to provide the needed security to keep us and our data safe. We are here to change that.
In the days when most devices were isolated to closed networks and direct physical connections, the primary focus was on user authentication, not device authentication or device integrity. Trustworthiness of devices was not generally an issue. Vendors either didn’t worry about device trustworthiness at all, or they integrated their own proprietary security solutions into their devices. Attacks on most devices themselves tended to be isolated and limited in scope. This lack of focus on device trustworthiness has carried over into many
new connected products exposing both manufacturers and their customers to the
realistic cybersecurity threats of today.
Today, with the explosive growth of connected devices creating the “Internet of Things” (IoT), many vendors have failed to recognize that device trustworthiness is an essential characteristic. Without it, attackers are increasingly able to penetrate our networks and our systems. That’s where we come in. For new products, we can build a secure foundation that maximizes trust. For existing products, we can help you find the best way to retrofit and/or enhance your solution to create as much trust and security as is feasible.
There are many technologies
and tools that can be used to improve the security of your devices. When used appropriately, these technologies
and tools can create “trustworthy capabilities” that you and your customers
rely on. These capabilities vary
depending on the type of device, its environment, the usage model and the
constraints of what the device is capable of.
Some of the key capabilities we can incorporate in your products
Device identification & authentication
Network access control (e.g. using Trusted Network Connect (TNC))
Secure provisioning schemes – local & remote
"Sealing" data to a platform
Binding peripherals to a platform
Trusted software/firmware update
Key and certificate management